US7660918B2 - Method for switching node and an information processing system - Google Patents

Method for switching node and an information processing system Download PDF

Info

Publication number
US7660918B2
US7660918B2 US12/369,994 US36999409A US7660918B2 US 7660918 B2 US7660918 B2 US 7660918B2 US 36999409 A US36999409 A US 36999409A US 7660918 B2 US7660918 B2 US 7660918B2
Authority
US
United States
Prior art keywords
access
host
disk device
information
host computers
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US12/369,994
Other versions
US20090157915A1 (en
Inventor
Yusuke Ohashi
Toru Horie
Akio Tatsumi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hitachi Ltd
Original Assignee
Hitachi Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hitachi Ltd filed Critical Hitachi Ltd
Priority to US12/369,994 priority Critical patent/US7660918B2/en
Publication of US20090157915A1 publication Critical patent/US20090157915A1/en
Application granted granted Critical
Publication of US7660918B2 publication Critical patent/US7660918B2/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0637Permissions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/0626Reducing size or complexity of storage systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0635Configuration or reconfiguration of storage systems by changing the path, e.g. traffic rerouting, path reconfiguration
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0668Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671In-line storage system
    • G06F3/0673Single storage device
    • G06F3/0674Disk device

Definitions

  • the present invention relates to a node switching method and an information processing system. More particularly, it relates to an I/O node-switching method and an information processing system in the following case: At the time of a failure occurrence, a processing, which is being executed by a host where the failure has occurred, is taken over to another host so as to allow another host to continue this processing.
  • systems which form and support the social infrastructure are requested to exhibit a high reliability. Namely, these systems are not permitted to fall into the service interruption, i.e., the system down.
  • these systems are configured as follows: Namely, devices which configure these systems, such as hosts and paths for connecting the hosts with a disk device, are formed into a dual-redundant structure. For example, even if a failure has occurred in an execution-node host, the processing is immediately switched to a standby-node host, thereby preventing the entire system from falling down for a long time. The switching operation like this is referred to as “node switching”.
  • the standby-node host becomes a new execution-node host.
  • an I/O access control needs to be performed so that an I/O for the disk device from the host that had previously been the execution node will be cut off, and so that the cut-off of an I/O therefor from the host that had previously been the standby node will be released. This control is needed in order to prevent a data crash caused by a case where the shared disk is accessed simultaneously by both of the nodes, i.e., the host that has newly become the execution node and the host that had previously been the execution node.
  • JP-A-6-325008 As the method of performing the node switching at the host side as a result of a failure of the OS itself or that of the node switching mechanism, there has been known a technology disclosed in JP-A-6-325008.
  • This conventional technology is as follows: A standby-node host, which has detected the failure, performs a reset operation for an execution-node host so as to interrupt the I/O of the execution-node host, then performing the node switching.
  • the method of performing the I/O access control at the disk-device side is as follows:
  • the I/O access control is performed with respect to plural paths, using the definition of a PERSISTENT RESERVE Command which exists in ANSI Standard SPC (i.e., SCSI-3 Primary Command).
  • PERSISTENT RESERVE which exists in ANSI Standard SPC (i.e., SCSI-3 Primary Command).
  • I/Os from a certain path are cut off, thereby canceling all the I/Os from the path which are in processing.
  • This method which performs a logical-disk exclusion control on each host basis by using the PERSISTENT RESERVE, has been disclosed and known in JP-A-2000-322369.
  • a path which uses the PERSISTENT RESERVE at first, registers the Reservation Key into logical disks. In this case, two ways of methods are prepared for the access control to the logical disks.
  • the first access-control method is a one where only an access from a path that has applied a Reservation is permitted regardless of the presence or absence of the Reservation Key's registration.
  • the second access-control method is a one where accesses from all the paths that have registered the Reservation Keys are permitted if a Reservation has been applied from a certain path. Cutting off the access from a specific host and path necessitates the specification of the Reservation Key to be cut off.
  • the access control to the logical disks by the above-described first method is performed in accordance with the following steps: An execution-node host and a standby-node host have performed in advance the registration of the Reservation Keys, and the execution-node host applies the Reservation. At the time of a failure occurrence, the standby-node host specifies the Reservation Key of the execution-node host, thereby performing the cut-off operation. After that, the standby-node host applies the Reservation.
  • the access control to the logical disks by the above-described second method is performed in accordance with the following steps: Only the execution-node host performs the registration of the Reservation Keys for all the paths from the execution-node host to the disk device. Meanwhile, the standby-node host performs no registration of the Reservation Key. At the time of a failure occurrence, the standby-node host performs the registration of the Reservation Keys for all the paths from the standby-node host to the disk device. Next, the standby-node host specifies all the Reservation Keys of the execution-node host, thereby performing the cut-off operations. After that, the standby-node host applies the Reservation.
  • the reset for the disk device clears all the I/O requests which are in processing within a disk control device.
  • SAN environment Storage Area Network
  • one disk control device makes I/O requests from the plural hosts to plural logical disks. This results in a problem that the above-described method is inapplicable in the SAN environment.
  • the standby-node host performs no registration of the Reservation Key and, after detecting a failure, registers the Reservation Keys to perform the I/O cut-off operations
  • the standby-node host must perform these operations by the number which is equal to the number of the paths ⁇ the number of the logical disks.
  • the second method is applied to a large-scale system, the number of the paths to be dealt with becomes equal to several to several tens of them, and the number of the logical disks becomes equal to several hundreds.
  • the above-described object can be accomplished by a node switching method of controlling the execution enablement/disablement for I/O requests from plural host computers to a disk device so as to perform the switching to a node which is capable of executing the I/O requests.
  • the node switching method includes the following steps:
  • the host computers transmit access-right change commands to the disk device in advance, the access-right change commands including one piece or plural pieces of information resulting from causing I/O-enable/disable information and host identification information to correspond to each other in a one-to-one correspondence manner, the I/O-enable/disable information indicating whether or not the disk device will execute the I/O requests from the host computers, the host identification information being designed for identifying the respective host computers, and the host computers issue, to the disk device, the I/O requests to which the host computers have added the host identification information, and the disk device, in accordance with the access-right change commands from the host computers, changes in batch the I/O-enable/disable information on each host-computer basis, and simultaneously stores and holds the access-right change commands, and the disk device identifies the request-source host computers in response to the I/O requests from the host computers, and, based on the host identification information and the I/O-enable/disable information
  • the above-described object can be accomplished by a node switching method of controlling the execution enablement/disablement for I/O requests from plural host computers to a disk device so as to perform the switching to a node which is capable of executing the I/O requests.
  • the node switching method includes the following steps:
  • the above-described object can be accomplished by an information processing system which is configured to control the execution enablement/disablement for I/O requests from plural host computers to a disk device so as to perform the switching to a node which is capable of executing the I/O requests.
  • each of the host computers includes an I/O request unit for issuing the I/O request to which the I/O request unit has added host identification information for identifying the respective host computers, and an access-right change command unit for transmitting an access-right change command to the disk device, the access-right change command including one piece or plural pieces of information resulting from causing I/O-enable/disable information and the host identification information to correspond to each other in a one-to-one correspondence manner, the I/O-enable/disable information indicating whether or not the disk device will execute the I/O requests from the host computers, the disk device including an access-right management table for storing and holding the access-right change commands from the host computers, an access control unit for identifying the request-source host computers of the I/O requests, and judging the execution enablement/disablement for the I/O requests on each host-computer basis from the host identification information and the access-right management table, and an access-right change unit that, in accordance with the access-right change commands from the host computers,
  • the present invention makes it possible to cut off in batch the I/O requests from a host device where a failure has occurred, and to release in batch the cut-offs of the I/O requests from a standby-node host.
  • This condition allows a high-safety node switching to be executed at a high speed, thereby making it possible to shorten a service interruption time-period in a system which is requested to exhibit a high reliability.
  • FIG. 1 is a block diagram for illustrating the entire configuration of an information processing system according to an embodiment of the present invention to which the present invention has been applied;
  • FIG. 2 is a diagram for illustrating the configuration of an access-right management table within an access control table
  • FIG. 3 is a diagram for illustrating the configuration of a path-information management table within the access control table
  • FIG. 4 is a sequence diagram for explaining an operation of registering the path information into a disk device among an execution-node host, a standby-node host, and the disk device;
  • FIG. 5 is a diagram for illustrating the configuration of the path information transmitted from an active-node host or the standby-node host;
  • FIG. 6 is a sequence diagram for explaining the processing of I/O requests according to the embodiment of the present invention.
  • FIG. 7 is a flowchart for explaining the processing operation by an access control unit 31 within the disk device in the processing sequences explained in FIG. 6 ;
  • FIG. 8 is a flowchart for explaining the processing operation by the access control unit 31 when an I/O processed result is transmitted from an I/O processing unit;
  • FIG. 9 is a sequence diagram for explaining in what manner the execution-node host and the standby-node host will detect failures of the partner hosts;
  • FIG. 10 is a sequence diagram for explaining an access-right change processing operation when the standby-node host has detected a failure of the execution-node host;
  • FIG. 11 is a diagram for illustrating the configuration of an access-right change command transmitted by the processing in the sequence 631 explained in FIG. 10 ;
  • FIG. 12 is a flowchart for explaining the access-right change processing operation in an access-right change unit within the disk device in the processing sequence explained in FIG. 10 ;
  • FIG. 13 is a sequence diagram for explaining a processing in the case where the execution-node host and the standby-node host make I/O requests to the disk device when the change of the access right has been performed by the processing explained in FIG. 10 ;
  • FIG. 14 is a block diagram for illustrating the configuration of an information processing system according to a second embodiment of the present invention to which the present invention is applicable;
  • FIG. 15 is a block diagram for illustrating the configuration of an information processing system according to a third embodiment of the present invention to which the present invention is applicable;
  • FIG. 16 is a block diagram for illustrating the configuration of an information processing system according to a fourth embodiment of the present invention to which the present invention is applicable;
  • FIG. 17 is a flowchart for explaining the processing operation in an access control unit within a disk device in the fourth embodiment of the present invention.
  • FIG. 18 is a diagram for illustrating the configuration of an access-right management table within an access control table used in the fourth embodiment of the present invention.
  • FIG. 19 is a diagram for illustrating the configuration of an access-right change command used in the fourth embodiment of the present invention.
  • FIG. 20 is a block diagram for illustrating the configuration of an information processing system according to a fifth embodiment of the present invention to which the present invention is applicable.
  • FIG. 1 is a block diagram for illustrating the entire configuration of an information processing system according to a first embodiment of the present invention to which the present invention has been applied.
  • the reference numerals denote the following configuration components: 10 an execution-node host computer (hereinafter, simply referred to as “execution-node host”), 11 , 21 path-information transmission units, 12 , 22 failure detection units, 13 , 23 I/O request units, 14 , 24 access-right change command units, 20 a standby-node host computer (hereinafter, simply referred to as “standby-node host”), 30 a disk device, 31 an access control unit, 32 an access-right change unit, 33 a path-information change unit, 34 an I/O processing unit, 35 an access control table, 36 logical disks.
  • the information processing system includes the following configuration components: The execution-node host 10 which is executing an application process, the standby-node host 20 which is on standby in a state of being capable of executing the application process, and the disk device 30 for performing I/Os in accordance with I/O requests from the execution-node host 10 and the standby-node host 20 .
  • FIG. 1 connections among the execution-node host 10 , the standby-node host 20 , and the disk device 30 are illustrated such that the connections are established using different lines. The connections, however, are not limited to the different lines and may also be established using one and the same line.
  • the execution-node host 10 includes the following configuration components: The path-information transmission unit 11 for transmitting path information on the hosts, the failure detection unit 12 for detecting a failure of the standby-node host 20 , the I/O request unit 13 for performing the I/O requests, and the access-right change command unit 14 for transmitting a command of the access-right change.
  • the standby-node host 20 similarly, includes the path-information transmission unit 21 , the failure detection unit 22 , the I/O request unit 23 , and the access-right change command unit 24 .
  • the disk device 30 includes the following configuration components: The access control unit 31 for controlling cut-offs of the I/O requests, the access-right change unit 32 for changing the access right of the disk device 30 in accordance with the commands from the hosts, the path-information change unit 33 for receiving the path information transmitted from the hosts, the I/O processing unit 34 for actually performing the processings of the I/Os, the access control table 35 for holding information for controlling accesses from the hosts, and the plural logical disks 36 resulting from logically dividing an assembly of disk drives.
  • the access control table 35 includes two tables, i.e., an access-right management table 35 a and a path-information management table 35 b . Next, the explanation will be given below regarding these tables.
  • FIG. 2 is a diagram for illustrating the configuration of the access-right management table 35 a within the access control table 35 .
  • FIG. 3 is a diagram for illustrating the configuration of the path-information management table 35 b within the access control table 35 .
  • the access-right management table 35 a is a table for managing the enablement/disablement for the accesses on each host basis, and the number of the I/Os which are in processing. Accordingly, as illustrated in FIG. 2 , the table 35 a stores host identification information, I/O-enable/disable information, and in-processing I/O number information. Moreover, the table 35 a , which holds one entry for one host, is initialized by commands from the hosts at the time of the hosts' system starting, and is updated by the access-right change commands from the hosts.
  • the I/O-enable/disable information in the entry corresponding to the execution-node host is set to be “enable”, and the I/O-enable/disable information in the entry corresponding to the standby-node host is set to be “disable”.
  • the path-information management table 35 b is a table for managing which of the hosts has held which of the paths. Accordingly, as illustrated in FIG. 3 , the table 35 b stores path identification information and the host identification information in a manner of being paired. Namely, the path-information management table 35 b stores, as path information, the combination of the path identification information and the host identification information.
  • an example of the path identification information is N_Port ID in ANSI Standard FCP which is added to the I/O requests from the hosts for identifying logical paths from the transmission sources. Making reference to this table allows the access control on each I/O-request basis to be performed not on each path basis but on each host basis.
  • FIG. 4 is a sequence diagram for explaining an operation of registering the path information into the disk device 30 among the execution-node host 10 , the standby-node host 20 , and the disk device 30 .
  • the explanation will be given below concerning the path-information registration operation in the embodiment of the present invention.
  • FIG. 5 is a diagram for illustrating the configuration of path information 50 transmitted from an execution-node host or the standby-node host.
  • This path information 50 is the path information transmitted in the above-described sequences 601 , 603 .
  • this path information 50 includes the host identification information and the path identification information from the hosts to the disk device.
  • FIG. 6 is a sequence diagram for explaining the processing of I/O requests according to the embodiment of the present invention. Next, the explanation will be given below regarding this processing. The sequences indicated here are about the processing in the following case: In the state where the I/O-enablement/disablement in the access-right management table 35 a corresponding to the execution-node host 10 is set to be “enable”, and where the I/O-enablement/disablement in the access-right management table 35 a corresponding to the standby-node host 20 is set to be “disable”, the execution-node host 10 and the standby-node host 20 transmit the I/O requests to the disk device 30 .
  • FIG. 7 is a flowchart for explaining the processing operation by the access control unit 31 within the disk device 30 in the processing sequences explained in FIG. 6 . Next, the explanation will be given below concerning this operation.
  • FIG. 8 is a flowchart for explaining the processing operation by the access control unit 31 when the I/O processed result is transmitted from the I/O processing unit 34 .
  • the processing here is the one at the time when the sequence 617 in FIG. 6 is performed.
  • FIG. 9 is a sequence diagram for explaining in what manner the execution-node host 10 and the standby-node host 20 will detect failures of the partner hosts.
  • the example indicated in FIG. 9 is a one where the standby-node host 20 performs the failure detection of the execution-node host 10 .
  • the failure detection unit 22 of the standby-node host 20 transmits health check information to the failure detection unit 12 of the execution-node host 10 (: sequence 621 ). In response to this transmission of the health check information, if the failure detection unit 12 of the execution-node host 10 returns an error (: sequence 622 ), or makes no response within a certain time-period, the failure detection unit 22 of the standby-node host 20 judges that a failure has occurred in the execution-node host 10 .
  • the sequences are basically the same as the above-described ones except that the transmission of the health check information is just performed from the failure detection unit 12 of the execution-node host 10 .
  • the failure detection method is not limited to the above-described one.
  • FIG. 10 is a sequence diagram for explaining an access-right change processing operation when the standby-node host 20 has detected a failure of the execution-node host 10 .
  • the explanation will be given below concerning the access-right change processing at the time of a failure detection in the embodiment of the present invention.
  • the above-described processing allows the cut-offs of the I/O requests from the plural hosts to be controlled in a batch manner on each host basis.
  • FIG. 11 is a diagram for illustrating the configuration of the access-right change command 110 transmitted by the processing in the sequence 631 explained in FIG. 10 .
  • the transmitted access-right change command 110 includes the host identification information for identifying the hosts whose access rights should be changed and the information on the I/O-enablement/disablement.
  • the example illustrated in FIG. 11 is a one of transmitting the command in batch for cutting off in batch the I/O accesses from the host 1 , and for releasing in batch the cut-offs of the I/O accesses from the host 2 .
  • FIG. 12 is a flowchart for explaining the access-right change processing operation by the access-right change unit 32 within the disk device 30 in the processing sequences explained in FIG. 10 . Next, the explanation will be given below regarding this operation.
  • FIG. 13 is a sequence diagram for explaining a processing in the case where the execution-node host 10 and the standby-node host 20 make I/O requests to the disk device 30 when the change of the access right has been performed by the processing explained in FIG. 10 .
  • the sequences indicated in FIG. 13 it turns out that, contrary to the sequences explained in FIG. 6 , an I/O request from the standby-node host 20 is permitted (: 131 , 132 ), and an I/O request from the execution-node host 10 is cut off (: 133 , 134 ).
  • FIG. 14 is a block diagram for illustrating the configuration of an information processing system according to a second embodiment of the present invention to which the present invention is applicable.
  • the second embodiment illustrated in FIG. 14 is an embodiment configured such that a disk device is shared by plural systems each of which includes an active-node host and a standby-node host.
  • logical disks within the disk device are grouped into plural zones, and the logical disks within each zone are set in advance to deny an access from a path other than the one connected therewith.
  • the present invention makes it possible to set the access right on each host basis grouped into each zone. This condition allows the co-use of the present invention with the already-existing function of zone-grouping the disk device.
  • FIG. 15 is a block diagram for illustrating the configuration of an information processing system according to a third embodiment of the present invention to which the present invention is applicable.
  • the third embodiment illustrated in FIG. 15 is an embodiment configured as follows: Each of an active-node host and a standby-node host is connected to a disk device via plural paths, and thus each host finds it possible to perform the load distribution by using the plural paths simultaneously.
  • the present invention performs the access control on each host basis and regardless of the path number. This condition makes the present invention also applicable to the configuration like this.
  • FIG. 16 is a block diagram for illustrating the configuration of an information processing system according to a fourth embodiment of the present invention to which the present invention is applicable.
  • the fourth embodiment illustrated in FIG. 16 is an embodiment configured such that plural application processes are allowed to exist within one host, and such that the respective application processes use different logical disks.
  • the fourth embodiment of the present invention is configured as follows: An application process 1 as an execution node and an application process 2 as a standby node are allowed to exist within a host 1 , and the application process 2 as an execution node and the application process 1 as a standby node are allowed to exist within a host 2 . Also, the application processes 1 as the execution node and the standby node are connected to one of logical disks within a disk device, and the application processes 2 as the execution node and the standby node are connected to the other logical disk within the disk device.
  • the application process 1 that is operating on the host 1 as the execution node falls down, the disk device cuts off an I/O request from the application process 1 on the host 1 , and releases the cut-off of an I/O request from the application process 1 on the host 2 .
  • This procedure is needed to be performed without exerting influences on an I/O request from the application process 2 that is operating on the host 1 .
  • the first method is a one where identification information for identifying the application processes is added to the I/O requests. Namely, this method is as follows: This application-process identification information is added to the host identification information included in the access-right management table 35 a explained in FIG. 2 and the access-right change command 110 explained in FIG. 11 . Moreover, the application-process identification information is also added to the I/O requests that the application processes transmit. Furthermore, the processing operation by the access control unit 31 within the disk device 30 is modified as will be explained below using FIG. 17 .
  • FIG. 17 is a flowchart for explaining the processing operation by the access control unit 31 within the disk device 30 in the fourth embodiment of the present invention.
  • This flowchart results from adding the processing at a step 3110 to the flowchart illustrated in FIG. 7 .
  • the steps other than the step 3110 are the same as those in the case of FIG. 7 .
  • the execution of the processing at the step 3110 analyzes the I/O requests, thereby acquiring the application-process identification information. This allows the implementation of a comparison on each received I/O-request basis between the I/O requests and the host identification information within the access control table 35 including the application-process identification information.
  • the employment of the above-described method makes it possible to implement the access control without being conscious of the paths.
  • This makes the following configuration elements unnecessary: The path-information transmission units of the hosts, the path-information change unit of the disk device, the path-information management table within the access control table of the disk device, the path information that the hosts transmit to the disk device, and the path-information registration processing in FIG. 4 .
  • the second method for allowing the access control on each application-process basis is as follows: Namely, in addition to the access-right change on each host basis, the access-right change is performed on each logical-disk basis simultaneously. Next, the explanation will be given below regarding this method.
  • FIG. 18 is a diagram for illustrating the configuration of an access-right management table 35 aa within the access control table 35 used in the fourth embodiment of the present invention.
  • FIG. 19 is a diagram for illustrating the configuration of an access-right change command 110 a used in the fourth embodiment of the present invention.
  • the access-right management table 35 aa and the access-right change command 110 a within the access control table 35 used in the fourth embodiment of the present invention are configured by adding identification information for identifying the logical disks to the table 35 a and the command 110 explained in FIG. 2 and FIG. 11 each.
  • the following steps allow the execution of the access control on each host basis and on each logical-disk basis: Namely, a step of retrieving entries in which path identification information included in the I/O requests coincides with the path identification information within the path-information management table 35 b illustrated in FIG. 3 , and, based on the host identification information in the entries which have coincided therewith and target logical-disk information included in the I/O requests, a step of retrieving, from the access-right management table 35 aa illustrated in FIG. 18 , entries of the access control information in which the host identification information and the logical-disk identification information coincide with each other.
  • the hosts transmit the commands based on the access-right change command 110 a which, as illustrated in FIG. 19 , includes the logical disks becoming the access-right change targets, the host identification information on the hosts whose access rights are to be changed, and the access enablement/disablement information.
  • the disk device changes, to “enable” or “disable”, the I/O-enable/disable information in entries in which the logical disks and the host identification information within the access-right management table 35 aa illustrated in FIG. 18 and the logical disks and the host identification information included in the access-right change command 110 a coincide with each other. This allows the implementation of the access-right changes on each host basis and on each logical-disk basis.
  • the access-right change commands are performed in batch with respect to the logical-disk group that the application processes access. This permits the implementation of the access control on each application-process basis.
  • the above-described first method in the fourth embodiment of the present invention requires that the application-process identification information be added to the I/O requests.
  • the case of the second method permits the in-batch access control over the logical disks to be executed on each application-process basis without adding the application-process identification information to the I/O requests.
  • FIG. 20 is a block diagram for illustrating the configuration of an information processing system according to a fifth embodiment of the present invention to which the present invention is applicable.
  • the fifth embodiment illustrated in FIG. 20 is an embodiment configured as follows: There exist plural execution-node hosts in such a manner that, even if a failure occurs in whatever execution-node host, one standby-node host will be able to restart the execution of a processing in the execution-node host where the failure has occurred.
  • the present invention performs the access control on each host basis, which makes the present invention applicable to even the configuration like this.
  • processing programs can be provided in a state of being stored into storage media such as a HD, a DAT, a FD, a MO, a DVD-ROM, and a CD-ROM.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)
  • Hardware Redundancy (AREA)

Abstract

In an information processing system including host computers and disk devices, each of an execution-node host and a standby-node host includes an I/O request unit and an access-right change command unit. The I/O request unit issues an I/O request. The access-right change command unit transmits an access-right change command. The access-right change command results from causing I/O-enable/disable information and the host identification information to correspond to each other. The disk device includes an access control table, an access control unit, and an access-right change unit. The access control table stores information of the access-right change commands from the hosts. The access control unit judges the execution enablement/disablement for the I/O requests from the host identification information and the access control table. The access-right change unit, in accordance with the access-right change commands from the hosts, changes in batch the I/O-enable/disable information on each host basis within the access control table.

Description

CROSS REFERENCE TO RELATED APPLICATION
This is a continuation of U.S. application Ser. No. 10/806,338, filed Mar. 23, 2004 now abandoned. This application relates to and claims priority from Japanese Patent Application No. 2003-363531, filed on Oct. 23, 2003. The entirety of the contents and subject matter of all of the above is incorporated herein by reference.
BACKGROUND OF THE INVENTION
The present invention relates to a node switching method and an information processing system. More particularly, it relates to an I/O node-switching method and an information processing system in the following case: At the time of a failure occurrence, a processing, which is being executed by a host where the failure has occurred, is taken over to another host so as to allow another host to continue this processing.
Generally speaking, starting with a financial system and a securities system, systems which form and support the social infrastructure are requested to exhibit a high reliability. Namely, these systems are not permitted to fall into the service interruption, i.e., the system down. On account of this requirement, these systems are configured as follows: Namely, devices which configure these systems, such as hosts and paths for connecting the hosts with a disk device, are formed into a dual-redundant structure. For example, even if a failure has occurred in an execution-node host, the processing is immediately switched to a standby-node host, thereby preventing the entire system from falling down for a long time. The switching operation like this is referred to as “node switching”.
As described above, in the dual-redundant system, if a failure has occurred in an execution-node host and if the node switching to a standby-node host has been performed, the standby-node host becomes a new execution-node host. During the node switching and after the node switching, however, an I/O access control needs to be performed so that an I/O for the disk device from the host that had previously been the execution node will be cut off, and so that the cut-off of an I/O therefor from the host that had previously been the standby node will be released. This control is needed in order to prevent a data crash caused by a case where the shared disk is accessed simultaneously by both of the nodes, i.e., the host that has newly become the execution node and the host that had previously been the execution node.
As methods for performing the I/O access control as described above, there exists a method performed at the host side and a one performed at the disk-device side.
As the method of performing the node switching at the host side as a result of a failure of the OS itself or that of the node switching mechanism, there has been known a technology disclosed in JP-A-6-325008. This conventional technology is as follows: A standby-node host, which has detected the failure, performs a reset operation for an execution-node host so as to interrupt the I/O of the execution-node host, then performing the node switching.
The method of performing the I/O access control at the disk-device side is as follows: The I/O access control is performed with respect to plural paths, using the definition of a PERSISTENT RESERVE Command which exists in ANSI Standard SPC (i.e., SCSI-3 Primary Command). Also, I/Os from a certain path are cut off, thereby canceling all the I/Os from the path which are in processing. This method, which performs a logical-disk exclusion control on each host basis by using the PERSISTENT RESERVE, has been disclosed and known in JP-A-2000-322369. Moreover, a path which uses the PERSISTENT RESERVE, at first, registers the Reservation Key into logical disks. In this case, two ways of methods are prepared for the access control to the logical disks.
The first access-control method is a one where only an access from a path that has applied a Reservation is permitted regardless of the presence or absence of the Reservation Key's registration. The second access-control method is a one where accesses from all the paths that have registered the Reservation Keys are permitted if a Reservation has been applied from a certain path. Cutting off the access from a specific host and path necessitates the specification of the Reservation Key to be cut off.
Consequently, the access control to the logical disks by the above-described first method is performed in accordance with the following steps: An execution-node host and a standby-node host have performed in advance the registration of the Reservation Keys, and the execution-node host applies the Reservation. At the time of a failure occurrence, the standby-node host specifies the Reservation Key of the execution-node host, thereby performing the cut-off operation. After that, the standby-node host applies the Reservation.
Also, the access control to the logical disks by the above-described second method is performed in accordance with the following steps: Only the execution-node host performs the registration of the Reservation Keys for all the paths from the execution-node host to the disk device. Meanwhile, the standby-node host performs no registration of the Reservation Key. At the time of a failure occurrence, the standby-node host performs the registration of the Reservation Keys for all the paths from the standby-node host to the disk device. Next, the standby-node host specifies all the Reservation Keys of the execution-node host, thereby performing the cut-off operations. After that, the standby-node host applies the Reservation.
SUMMARY OF THE INVENTION
In the conventional-technology method of performing the above-described I/O cut-off operation at the host side, the reset for the disk device clears all the I/O requests which are in processing within a disk control device. As a consequence, in a storage area network environment (SAN environment: Storage Area Network) where plural hosts and plural disk devices are connected to each other via switches, there exists a possibility that one disk control device makes I/O requests from the plural hosts to plural logical disks. This results in a problem that the above-described method is inapplicable in the SAN environment.
Also, of the conventional-technology methods of performing the I/O cut-off operation at the disk-device side, in the first method where only an access from a host that has applied a Reservation is permitted in the PERSISTENT RESERVE Command, there exists only one path whose access is permissible. As a consequence, it is impossible to apply the first method to situations where accesses from plural paths are wished to be permitted, such as a multi-path environment where there are provided plural paths from one host to a logical disk, and a case where plural operation-node hosts exist. This results in a problem that a limitation is imposed on the configuration to which the method is applicable.
Also, in the second method where the standby-node host performs no registration of the Reservation Key and, after detecting a failure, registers the Reservation Keys to perform the I/O cut-off operations, the standby-node host must perform these operations by the number which is equal to the number of the paths×the number of the logical disks. Here, when the second method is applied to a large-scale system, the number of the paths to be dealt with becomes equal to several to several tens of them, and the number of the logical disks becomes equal to several hundreds. As a consequence, it turns out that, even if it has been found successful to be able to process each operation in several milliseconds, processing all the operations necessitate a time of order of several to several tens of seconds in total. This gives rise to a problem that this total amount of time needed leads to an increase in the service interruption time-period at the time of the failure occurrence.
It is an object of the present invention to solve the above-described problems in the conventional technologies, and to provide a node switching method and an information processing system that allow a failure-occurrence-time I/O node-switching to be executed in a shorter time even in a large-scale system where hosts, logical disks, and paths connected to a disk device are large in number.
According to the present invention, the above-described object can be accomplished by a node switching method of controlling the execution enablement/disablement for I/O requests from plural host computers to a disk device so as to perform the switching to a node which is capable of executing the I/O requests. Here, the node switching method includes the following steps: The host computers transmit access-right change commands to the disk device in advance, the access-right change commands including one piece or plural pieces of information resulting from causing I/O-enable/disable information and host identification information to correspond to each other in a one-to-one correspondence manner, the I/O-enable/disable information indicating whether or not the disk device will execute the I/O requests from the host computers, the host identification information being designed for identifying the respective host computers, and the host computers issue, to the disk device, the I/O requests to which the host computers have added the host identification information, and the disk device, in accordance with the access-right change commands from the host computers, changes in batch the I/O-enable/disable information on each host-computer basis, and simultaneously stores and holds the access-right change commands, and the disk device identifies the request-source host computers in response to the I/O requests from the host computers, and, based on the host identification information and the I/O-enable/disable information that the disk device has held, the disk device judges the execution enablement/disablement for the I/O requests on each host-computer's node basis.
Also, the above-described object can be accomplished by a node switching method of controlling the execution enablement/disablement for I/O requests from plural host computers to a disk device so as to perform the switching to a node which is capable of executing the I/O requests. Here, the node switching method includes the following steps: The host computers possess plural application processes, and the application processes transmit access-right change commands to the disk device in advance, the access-right change commands including one piece or plural pieces of information resulting from causing I/O-enable/disable information and application-process identification information to correspond to each other in a one-to-one correspondence manner, the I/O-enable/disable information indicating whether or not the disk device will execute the I/O requests from the application processes, the application-process identification information being designed for identifying the respective application processes, and, the application processes issue, to the disk device, the I/O requests to which the application processes have added the application-process identification information, and the disk device, in accordance with the access-right change commands from the application processes, changes in batch the I/O-enable/disable information on each application-process basis, and simultaneously stores and holds the access-right change commands, and the disk device identifies the request-source application processes in response to the I/O requests from the application processes, and, based on the application-process identification information and the I/O-enable/disable information that the disk device has held, the disk device judges the execution enablement/disablement for the I/O requests on each application-process's node basis.
Moreover, the above-described object can be accomplished by an information processing system which is configured to control the execution enablement/disablement for I/O requests from plural host computers to a disk device so as to perform the switching to a node which is capable of executing the I/O requests. Here, each of the host computers includes an I/O request unit for issuing the I/O request to which the I/O request unit has added host identification information for identifying the respective host computers, and an access-right change command unit for transmitting an access-right change command to the disk device, the access-right change command including one piece or plural pieces of information resulting from causing I/O-enable/disable information and the host identification information to correspond to each other in a one-to-one correspondence manner, the I/O-enable/disable information indicating whether or not the disk device will execute the I/O requests from the host computers, the disk device including an access-right management table for storing and holding the access-right change commands from the host computers, an access control unit for identifying the request-source host computers of the I/O requests, and judging the execution enablement/disablement for the I/O requests on each host-computer basis from the host identification information and the access-right management table, and an access-right change unit that, in accordance with the access-right change commands from the host computers, changes in batch the I/O-enable/disable information on each host-computer basis within the access-right management table, the disk device judging the execution enablement/disablement for the I/O requests on each host-computer's node basis, the host computers being the I/O request sources.
The present invention makes it possible to cut off in batch the I/O requests from a host device where a failure has occurred, and to release in batch the cut-offs of the I/O requests from a standby-node host. This condition allows a high-safety node switching to be executed at a high speed, thereby making it possible to shorten a service interruption time-period in a system which is requested to exhibit a high reliability.
Other objects, features and advantages of the invention will become apparent from the following description of the embodiments of the invention taken in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram for illustrating the entire configuration of an information processing system according to an embodiment of the present invention to which the present invention has been applied;
FIG. 2 is a diagram for illustrating the configuration of an access-right management table within an access control table;
FIG. 3 is a diagram for illustrating the configuration of a path-information management table within the access control table;
FIG. 4 is a sequence diagram for explaining an operation of registering the path information into a disk device among an execution-node host, a standby-node host, and the disk device;
FIG. 5 is a diagram for illustrating the configuration of the path information transmitted from an active-node host or the standby-node host;
FIG. 6 is a sequence diagram for explaining the processing of I/O requests according to the embodiment of the present invention;
FIG. 7 is a flowchart for explaining the processing operation by an access control unit 31 within the disk device in the processing sequences explained in FIG. 6;
FIG. 8 is a flowchart for explaining the processing operation by the access control unit 31 when an I/O processed result is transmitted from an I/O processing unit;
FIG. 9 is a sequence diagram for explaining in what manner the execution-node host and the standby-node host will detect failures of the partner hosts;
FIG. 10 is a sequence diagram for explaining an access-right change processing operation when the standby-node host has detected a failure of the execution-node host;
FIG. 11 is a diagram for illustrating the configuration of an access-right change command transmitted by the processing in the sequence 631 explained in FIG. 10;
FIG. 12 is a flowchart for explaining the access-right change processing operation in an access-right change unit within the disk device in the processing sequence explained in FIG. 10;
FIG. 13 is a sequence diagram for explaining a processing in the case where the execution-node host and the standby-node host make I/O requests to the disk device when the change of the access right has been performed by the processing explained in FIG. 10;
FIG. 14 is a block diagram for illustrating the configuration of an information processing system according to a second embodiment of the present invention to which the present invention is applicable;
FIG. 15 is a block diagram for illustrating the configuration of an information processing system according to a third embodiment of the present invention to which the present invention is applicable;
FIG. 16 is a block diagram for illustrating the configuration of an information processing system according to a fourth embodiment of the present invention to which the present invention is applicable;
FIG. 17 is a flowchart for explaining the processing operation in an access control unit within a disk device in the fourth embodiment of the present invention;
FIG. 18 is a diagram for illustrating the configuration of an access-right management table within an access control table used in the fourth embodiment of the present invention;
FIG. 19 is a diagram for illustrating the configuration of an access-right change command used in the fourth embodiment of the present invention; and
FIG. 20 is a block diagram for illustrating the configuration of an information processing system according to a fifth embodiment of the present invention to which the present invention is applicable.
DESCRIPTION OF THE EMBODIMENTS
Hereinafter, referring to the drawings, the detailed explanation will be given below concerning embodiments of the node switching method according to the present invention.
FIG. 1 is a block diagram for illustrating the entire configuration of an information processing system according to a first embodiment of the present invention to which the present invention has been applied. In FIG. 1, the reference numerals denote the following configuration components: 10 an execution-node host computer (hereinafter, simply referred to as “execution-node host”), 11, 21 path-information transmission units, 12, 22 failure detection units, 13, 23 I/O request units, 14, 24 access-right change command units, 20 a standby-node host computer (hereinafter, simply referred to as “standby-node host”), 30 a disk device, 31 an access control unit, 32 an access-right change unit, 33 a path-information change unit, 34 an I/O processing unit, 35 an access control table, 36 logical disks.
The information processing system according to the first embodiment of the present invention includes the following configuration components: The execution-node host 10 which is executing an application process, the standby-node host 20 which is on standby in a state of being capable of executing the application process, and the disk device 30 for performing I/Os in accordance with I/O requests from the execution-node host 10 and the standby-node host 20. In FIG. 1, connections among the execution-node host 10, the standby-node host 20, and the disk device 30 are illustrated such that the connections are established using different lines. The connections, however, are not limited to the different lines and may also be established using one and the same line. The execution-node host 10 includes the following configuration components: The path-information transmission unit 11 for transmitting path information on the hosts, the failure detection unit 12 for detecting a failure of the standby-node host 20, the I/O request unit 13 for performing the I/O requests, and the access-right change command unit 14 for transmitting a command of the access-right change. The standby-node host 20, similarly, includes the path-information transmission unit 21, the failure detection unit 22, the I/O request unit 23, and the access-right change command unit 24. The disk device 30 includes the following configuration components: The access control unit 31 for controlling cut-offs of the I/O requests, the access-right change unit 32 for changing the access right of the disk device 30 in accordance with the commands from the hosts, the path-information change unit 33 for receiving the path information transmitted from the hosts, the I/O processing unit 34 for actually performing the processings of the I/Os, the access control table 35 for holding information for controlling accesses from the hosts, and the plural logical disks 36 resulting from logically dividing an assembly of disk drives.
The access control table 35 includes two tables, i.e., an access-right management table 35 a and a path-information management table 35 b. Next, the explanation will be given below regarding these tables.
FIG. 2 is a diagram for illustrating the configuration of the access-right management table 35 a within the access control table 35. FIG. 3 is a diagram for illustrating the configuration of the path-information management table 35 b within the access control table 35.
The access-right management table 35 a is a table for managing the enablement/disablement for the accesses on each host basis, and the number of the I/Os which are in processing. Accordingly, as illustrated in FIG. 2, the table 35 a stores host identification information, I/O-enable/disable information, and in-processing I/O number information. Moreover, the table 35 a, which holds one entry for one host, is initialized by commands from the hosts at the time of the hosts' system starting, and is updated by the access-right change commands from the hosts. At the time of the initialization, the I/O-enable/disable information in the entry corresponding to the execution-node host is set to be “enable”, and the I/O-enable/disable information in the entry corresponding to the standby-node host is set to be “disable”.
Meanwhile, the path-information management table 35 b is a table for managing which of the hosts has held which of the paths. Accordingly, as illustrated in FIG. 3, the table 35 b stores path identification information and the host identification information in a manner of being paired. Namely, the path-information management table 35 b stores, as path information, the combination of the path identification information and the host identification information. Here, an example of the path identification information is N_Port ID in ANSI Standard FCP which is added to the I/O requests from the hosts for identifying logical paths from the transmission sources. Making reference to this table allows the access control on each I/O-request basis to be performed not on each path basis but on each host basis.
FIG. 4 is a sequence diagram for explaining an operation of registering the path information into the disk device 30 among the execution-node host 10, the standby-node host 20, and the disk device 30. Next, referring to FIG. 4, the explanation will be given below concerning the path-information registration operation in the embodiment of the present invention.
  • (1) At first, with respect to the disk device 30, the execution-node host 10 transmits, from the path-information transmission unit 11 to the path-information change unit 33 of the disk device 30, all the pieces of path information from the execution-node host 10 to the disk device 30 (: sequence 601).
  • (2) To the path-information management table 35 b within the access control table 35, the path-information change unit 33 of the disk device 30 adds, as one entry, the combination of the path identification information and the host identification information transmitted in the sequence 601 (: sequence 602).
  • (3) Similarly, with respect to the disk device 30, the standby-node host 20 transmits, from the path-information transmission unit 21 to the path-information change unit 33 of the disk device 30, all the pieces of path information from the standby-node host 20 to the disk device 30. Furthermore, to the path-information management table 35 b within the access control table 35, the path-information change unit 33 adds, as one entry, the combination of the path identification information and the host identification information transmitted (: sequences 603, 604).
FIG. 5 is a diagram for illustrating the configuration of path information 50 transmitted from an execution-node host or the standby-node host. This path information 50 is the path information transmitted in the above-described sequences 601, 603. As illustrated in FIG. 5, this path information 50 includes the host identification information and the path identification information from the hosts to the disk device. Here, there may exist the plural pieces of path identification information.
FIG. 6 is a sequence diagram for explaining the processing of I/O requests according to the embodiment of the present invention. Next, the explanation will be given below regarding this processing. The sequences indicated here are about the processing in the following case: In the state where the I/O-enablement/disablement in the access-right management table 35 a corresponding to the execution-node host 10 is set to be “enable”, and where the I/O-enablement/disablement in the access-right management table 35 a corresponding to the standby-node host 20 is set to be “disable”, the execution-node host 10 and the standby-node host 20 transmit the I/O requests to the disk device 30.
  • (1) The I/O request unit 13 of the execution-node host 10 transmits an I/O request to the disk device 30. The access control unit 31 of the disk device 30 receives this transmitted I/O request. Then, from the path-information management table 35 b in the access control table 35, the unit 31 retrieves an entry which coincides with path identification information included in the I/O request, thereby determining the corresponding host identification information. Next, from the access-right management table 35 a, the unit 31 retrieves an entry which coincides with the corresponding host identification information, thereby acquiring I/O-enable/disable information in the entry which has coincided therewith. Moreover, the unit 31 updates the in-processing I/O number in the access-right management table 35 a (: sequences 611 to 613).
  • (2) The example explained here assumes that the I/O-enablement/disablement in the access-right management table 35 a corresponding to the execution-node host 10 has been set to be “enable”. Namely, the I/O-enable/disable information is “enable”. Consequently, the access control unit 31 of the disk device 30 transmits the I/O request to the I/O processing unit 34, then receiving an I/O processed result transmitted from the I/O processing unit 34 (: sequences 614, 615).
  • (3) After having received the I/O processed result transmitted from the I/O processing unit 34, the access control unit 31 performs the updating of the in-processing I/O number in the access-right management table 35 a. Simultaneously, the unit 31 transmits the I/O processed result to the I/O request unit 13 of the execution-node host 10 (: sequences 616, 617).
  • (4) Meanwhile, if the I/O request unit 23 of the standby-node host 20 transmits an I/O request to the disk device 30, the access control unit 31 of the disk device 30 receives this I/O request. Then, similarly with the above-described case, the unit 31 retrieves an entry which coincides with path identification information included in the I/O request, thereby determining the corresponding host identification information. Next, from the access-right management table 35 a, the unit 31 retrieves an entry which coincides with the corresponding host identification information, thereby acquiring I/O-enable/disable information in the entry which has coincided therewith. In this case, however, the I/O-enablement/disablement in the access-right management table 35 a has been set to be “disable”. Consequently, the access control unit 31 transmits an I/O cut-off notice to the I/O request unit 23 of the standby-node host 20 (: sequences 618 to 620).
FIG. 7 is a flowchart for explaining the processing operation by the access control unit 31 within the disk device 30 in the processing sequences explained in FIG. 6. Next, the explanation will be given below concerning this operation.
  • (1) Having received the I/O request from the I/O request unit 13 of the execution-node host 10 or the I/O request unit 23 of the standby-node host 20, the access control unit 13 retrieves, from the path-information management table 35 b in the access control table 35, the entry which coincides with the path identification information included in the I/O request, thereby determining the corresponding host identification information. Next, from the access-right management table 35 a, the unit 31 retrieves the entry which coincides with the corresponding host identification information, thereby acquiring the I/O-enable/disable information in the entry which has coincided therewith (: steps 3101, 3102).
  • (2) Moreover, the access control unit 31 judges whether the I/O-enable/disable information acquired has been set to be “enable” or “disable”. If the information has been set to be “disable”, the unit 31 transmits the I/O cut-off notice, which notifies that the I/O request has failed, to the I/O request unit of the host that had transmitted this I/O request (i.e., the I/O request unit 23 of the standby-node host 20 in the explained example) (: steps 3103, 3104).
  • (3) If, in the judgment at the step 3103, the I/O-enable/disable information acquired has been set to be “enable”, this I/O request is permitted. Accordingly, the access control unit 31 increments, by 1, the in-processing I/O number in the entry in the access-right management table 35 a within the access control table 35 corresponding to the host that had transmitted this I/O request (i.e., the execution-node host 10 in the explained example) (: step 3105).
  • (4) After that, the access control unit 31 transmits the command of the I/O processing requested to the I/O processing unit 34. Next, the I/O processing unit 34 performs the I/O processing to the logical disks 36, then waiting for the I/O processed result to be transmitted (: step 3106).
FIG. 8 is a flowchart for explaining the processing operation by the access control unit 31 when the I/O processed result is transmitted from the I/O processing unit 34. Next, the explanation will be given below regarding this operation. The processing here is the one at the time when the sequence 617 in FIG. 6 is performed.
  • (1) The access control unit 31 of the disk device 30 receives, from the I/O processing unit 34, a notice that the I/O processing has been completed, and simultaneously the unit 31 receives the I/O processed result (: step 3107).
  • (2) Having received the notice of the I/O-processing completion, the access control unit 31 decrements, by 1, the in-processing I/O number in the entry in the access-right management table 35 a within the access control table 35 corresponding to the host that had requested the I/O processing (i.e., the execution-node host 10 in the explained example). Next, the unit 31 transmits the I/O processed result to the I/O request unit 13 of the execution-node host 10 (: steps 3108, 3109).
FIG. 9 is a sequence diagram for explaining in what manner the execution-node host 10 and the standby-node host 20 will detect failures of the partner hosts. The example indicated in FIG. 9 is a one where the standby-node host 20 performs the failure detection of the execution-node host 10.
As illustrated in FIG. 9, the failure detection unit 22 of the standby-node host 20 transmits health check information to the failure detection unit 12 of the execution-node host 10 (: sequence 621). In response to this transmission of the health check information, if the failure detection unit 12 of the execution-node host 10 returns an error (: sequence 622), or makes no response within a certain time-period, the failure detection unit 22 of the standby-node host 20 judges that a failure has occurred in the execution-node host 10. If, conversely, the execution-node host 10 performs the failure detection of the standby-node host 20, the sequences are basically the same as the above-described ones except that the transmission of the health check information is just performed from the failure detection unit 12 of the execution-node host 10. Incidentally, in the present invention, the failure detection method is not limited to the above-described one.
FIG. 10 is a sequence diagram for explaining an access-right change processing operation when the standby-node host 20 has detected a failure of the execution-node host 10. Next, the explanation will be given below concerning the access-right change processing at the time of a failure detection in the embodiment of the present invention.
  • (1) If the standby-node host 20 has detected a failure of the execution-node host 10, the standby-node host 20, which has detected the failure of the execution-node host 10, transmits an access-right change command 110 from the access-right change command unit 24 to the access-right change unit 32 of the disk device 30. Here, the access-right change command 110 is a command for cutting off I/O accesses from the execution-node host 10, and for releasing the cut-offs of I/O accesses from the standby-node host 20 (: sequence 631).
  • (2) Having received the access-right change command 110 in the sequence 631, the access-right change unit 32 of the disk device 30 performs the following operation in order not to permit a new access from the execution-node host 10: At first, the unit 32 extracts, from the access-right change command 110, one entry in which the I/O-enablement/disablement has become “disable”. Next, the unit 32 updates, to “disable”, the I/O-enablement/disablement in the entry (i.e., the one corresponding to the execution-node host 10 in the case of the explained example) in the access-right management table 35 a within the access control table 35 whose host identification information coincides with that of the extracted one entry (: sequence 632).
  • (3) Also, the access-right change unit 32 retrieves the in-processing I/O number for the cut-off host, thereby judging whether or not there exist entries in which the in-processing I/O numbers are not equal to 0. If there exists at least one such entry, the unit 32 waits for all of the in-processing I/O numbers to become equal to 0 (: sequence 633).
  • (4) If all of the in-processing I/O numbers have become equal to 0, the access-right change unit 32 performs the following operation in order to perform the operation of releasing the cut-offs of the I/O accesses: Namely, the unit 32 extracts, from the access-right change command 110, one entry in which the I/O-enablement/disablement has become “enable”. Next, the unit 32 updates, to “enable”, the I/O-enablement/disablement in the entry (i.e., the one corresponding to the standby-node host 20 in the case of the explained example) in the access-right management table 35 a within the access control table 35 whose host identification information coincides with that of the extracted one entry (: sequence 634).
  • (5) After that, the access-right change unit 32 confirms that all the processings for the transmitted access-right change command 110 have been terminated, then transmitting a completion notice to the access-right change command unit 24 of the standby-node host 20 (: sequence 635).
The above-described processing allows the cut-offs of the I/O requests from the plural hosts to be controlled in a batch manner on each host basis.
FIG. 11 is a diagram for illustrating the configuration of the access-right change command 110 transmitted by the processing in the sequence 631 explained in FIG. 10. The transmitted access-right change command 110 includes the host identification information for identifying the hosts whose access rights should be changed and the information on the I/O-enablement/disablement. The example illustrated in FIG. 11 is a one of transmitting the command in batch for cutting off in batch the I/O accesses from the host 1, and for releasing in batch the cut-offs of the I/O accesses from the host 2.
FIG. 12 is a flowchart for explaining the access-right change processing operation by the access-right change unit 32 within the disk device 30 in the processing sequences explained in FIG. 10. Next, the explanation will be given below regarding this operation.
  • (1) Having received the access-right change command 110, the access-right change unit 32 of the disk device 30 performs the following operation in order not to permit the new access from the execution-node host 10: At first, the unit 32 extracts, from the access-right change command 110, one entry in which the I/O-enablement/disablement has become “disable”. Next, the unit 32 updates, to “disable”, the I/O-enablement/disablement in the entry (i.e., the one corresponding to the execution-node host 10 in this embodiment) in the access-right management table 35 a within the access control table 35 whose host identification information coincides with that of the extracted one entry (: steps 3201 to 3203).
  • (2) Moreover, the access-right change unit 32 judges whether or not, of unprocessed entries in the access-right change command 110, there further exists an entry in which the I/O-enablement/disablement has become “disable”. If there exists the entry, the unit 32, going back to the processing from the step 3202, extracts the next entry, then performing basically the same processing. At this time, an I/O request which has been held by the disk device 30 but whose I/O processing has been not started yet is immediately returned back to the execution-node host 10 as an error. If the execution-node host 10 has fallen down, this error response is discarded (: step 3204).
  • (3) The processings for all of the entries in the access-right change command 110 in which the I/O-enablement/disablement has become “disable” are eventually terminated. Namely, in the judgment at the step 3204, if, of the unprocessed entries in the access-right change command 110, the entries in which the I/O-enablement/disablement has become “disable” have been judged to disappear, the unit 32 retrieves, from the access-right management table 35 a within the access control table 35, the in-processing I/O numbers in all of the entries in which the I/O-enablement/disablement has become “disable” (: step 3205).
  • (4) Next, the access-right change unit 32 judges whether or not, in all of the entries retrieved in the processing at the step 3205, there exist the entries in which the in-processing I/O numbers are not equal to 0. If there exists at least one such entry, the unit 32 waits for all of the in-processing I/O numbers to become equal to 0 (: step 3206).
  • (5) If all of the in-processing I/O numbers have become equal to 0, and, if, in the judgment at the step 3206, such entries have been judged to disappear, then, the unit 32 performs the following operation in order to perform the I/O-access cut-off releasing operation: Namely, the unit 32 extracts, from the access-right change command 110, the one entry in which the I/O-enablement/disablement has become “enable”. Next, the unit 32 updates, to “enable”, the I/O-enablement/disablement in the entry (i.e., the one corresponding to the standby-node host 20 in the case of the explained example) in the access-right management table 35 a within the access control table 35 whose host identification information coincides with that of the extracted one entry (: steps 3207, 3208).
  • (6) Furthermore, the access-right change unit 32 judges whether or not, of the unprocessed entries in the access-right change command 110, there further exists an entry in which the I/O-enablement/disablement has become “enable”. If there exists the entry, the unit 32, going back to the processing from the step 3207, extracts the next entry, then performing basically the same processing (: step 3209).
  • (7) In the judgment at the step 3209, if, of the unprocessed entries in the access-right change command 110, the entries in which the I/O-enablement/disablement has become “enable” have been judged to disappear, it turns out that all of the processings for the transmitted access-right change command 110 have been terminated. Accordingly, the access-right change unit 32 of the disk device 30 transmits the completion notice to the access-right change command unit 24 of the standby-node host 20 (: step 3210).
FIG. 13 is a sequence diagram for explaining a processing in the case where the execution-node host 10 and the standby-node host 20 make I/O requests to the disk device 30 when the change of the access right has been performed by the processing explained in FIG. 10. In the sequences indicated in FIG. 13, it turns out that, contrary to the sequences explained in FIG. 6, an I/O request from the standby-node host 20 is permitted (: 131, 132), and an I/O request from the execution-node host 10 is cut off (: 133, 134).
The above-describe embodiment of the present invention has been explained as the embodiment which results from applying the present invention to the information processing system with the configuration explained and indicated in FIG. 1. In addition to the system with the configuration indicated in FIG. 1, however, the present invention is also applicable to systems with various types of configurations. Next, the explanation will be given below concerning these systems.
FIG. 14 is a block diagram for illustrating the configuration of an information processing system according to a second embodiment of the present invention to which the present invention is applicable. The second embodiment illustrated in FIG. 14 is an embodiment configured such that a disk device is shared by plural systems each of which includes an active-node host and a standby-node host. In the case of this configuration, logical disks within the disk device are grouped into plural zones, and the logical disks within each zone are set in advance to deny an access from a path other than the one connected therewith. Even in the configuration like this, the present invention makes it possible to set the access right on each host basis grouped into each zone. This condition allows the co-use of the present invention with the already-existing function of zone-grouping the disk device.
FIG. 15 is a block diagram for illustrating the configuration of an information processing system according to a third embodiment of the present invention to which the present invention is applicable. The third embodiment illustrated in FIG. 15 is an embodiment configured as follows: Each of an active-node host and a standby-node host is connected to a disk device via plural paths, and thus each host finds it possible to perform the load distribution by using the plural paths simultaneously. The present invention performs the access control on each host basis and regardless of the path number. This condition makes the present invention also applicable to the configuration like this.
FIG. 16 is a block diagram for illustrating the configuration of an information processing system according to a fourth embodiment of the present invention to which the present invention is applicable. The fourth embodiment illustrated in FIG. 16 is an embodiment configured such that plural application processes are allowed to exist within one host, and such that the respective application processes use different logical disks. Namely, the fourth embodiment of the present invention is configured as follows: An application process 1 as an execution node and an application process 2 as a standby node are allowed to exist within a host 1, and the application process 2 as an execution node and the application process 1 as a standby node are allowed to exist within a host 2. Also, the application processes 1 as the execution node and the standby node are connected to one of logical disks within a disk device, and the application processes 2 as the execution node and the standby node are connected to the other logical disk within the disk device.
In the system according to the fourth embodiment of the present invention, when the application processes which are existing as an execution node in each host are being executed in each host, if a failure such as an application-process down occurs in one of the hosts, the execution of the application process falling down in the host where the failure has occurred is restarted on the other host where the other application process is being executed. In such a case, even in the case of I/O requests from one and the same host, an I/O request which should be permitted and an I/O request which should not be permitted must be distinguished on each application-process basis. For example, if, in FIG. 16, the application process 1 that is operating on the host 1 as the execution node falls down, the disk device cuts off an I/O request from the application process 1 on the host 1, and releases the cut-off of an I/O request from the application process 1 on the host 2. This procedure is needed to be performed without exerting influences on an I/O request from the application process 2 that is operating on the host 1.
The explanation has been given so far concerning the above-described embodiments of the present invention on the assumption that that the embodiments perform the access control on each host basis. In the configuration indicated as the fourth embodiment, however, the present invention can be expanded to the access control on each application-process basis. This expansion can be implemented by employing either of two methods which will be explained below:
The first method is a one where identification information for identifying the application processes is added to the I/O requests. Namely, this method is as follows: This application-process identification information is added to the host identification information included in the access-right management table 35 a explained in FIG. 2 and the access-right change command 110 explained in FIG. 11. Moreover, the application-process identification information is also added to the I/O requests that the application processes transmit. Furthermore, the processing operation by the access control unit 31 within the disk device 30 is modified as will be explained below using FIG. 17.
FIG. 17 is a flowchart for explaining the processing operation by the access control unit 31 within the disk device 30 in the fourth embodiment of the present invention. This flowchart results from adding the processing at a step 3110 to the flowchart illustrated in FIG. 7. The steps other than the step 3110 are the same as those in the case of FIG. 7. As illustrated in FIG. 17, the execution of the processing at the step 3110 analyzes the I/O requests, thereby acquiring the application-process identification information. This allows the implementation of a comparison on each received I/O-request basis between the I/O requests and the host identification information within the access control table 35 including the application-process identification information.
In the fourth embodiment of the present invention, the employment of the above-described method makes it possible to implement the access control without being conscious of the paths. This makes the following configuration elements unnecessary: The path-information transmission units of the hosts, the path-information change unit of the disk device, the path-information management table within the access control table of the disk device, the path information that the hosts transmit to the disk device, and the path-information registration processing in FIG. 4.
Next, in the system configuration of the fourth embodiment of the present invention, the second method for allowing the access control on each application-process basis is as follows: Namely, in addition to the access-right change on each host basis, the access-right change is performed on each logical-disk basis simultaneously. Next, the explanation will be given below regarding this method.
FIG. 18 is a diagram for illustrating the configuration of an access-right management table 35 aa within the access control table 35 used in the fourth embodiment of the present invention. Also, FIG. 19 is a diagram for illustrating the configuration of an access-right change command 110 a used in the fourth embodiment of the present invention. As shown from FIG. 18 and FIG. 19, the access-right management table 35 aa and the access-right change command 110 a within the access control table 35 used in the fourth embodiment of the present invention are configured by adding identification information for identifying the logical disks to the table 35 a and the command 110 explained in FIG. 2 and FIG. 11 each.
Furthermore, in the second method for allowing the access control on each application-process basis in the system configuration of the fourth embodiment of the present invention, in substitution for the step 3102 explained in FIG. 7, the following steps allow the execution of the access control on each host basis and on each logical-disk basis: Namely, a step of retrieving entries in which path identification information included in the I/O requests coincides with the path identification information within the path-information management table 35 b illustrated in FIG. 3, and, based on the host identification information in the entries which have coincided therewith and target logical-disk information included in the I/O requests, a step of retrieving, from the access-right management table 35 aa illustrated in FIG. 18, entries of the access control information in which the host identification information and the logical-disk identification information coincide with each other.
Also, when the hosts transmit the access-right change commands to the disk device, the hosts transmit the commands based on the access-right change command 110 a which, as illustrated in FIG. 19, includes the logical disks becoming the access-right change targets, the host identification information on the hosts whose access rights are to be changed, and the access enablement/disablement information. The disk device changes, to “enable” or “disable”, the I/O-enable/disable information in entries in which the logical disks and the host identification information within the access-right management table 35 aa illustrated in FIG. 18 and the logical disks and the host identification information included in the access-right change command 110 a coincide with each other. This allows the implementation of the access-right changes on each host basis and on each logical-disk basis.
As described above, base on the second method in the fourth embodiment of the present invention, the access-right change commands are performed in batch with respect to the logical-disk group that the application processes access. This permits the implementation of the access control on each application-process basis.
The above-described first method in the fourth embodiment of the present invention requires that the application-process identification information be added to the I/O requests. On the other hand, the case of the second method permits the in-batch access control over the logical disks to be executed on each application-process basis without adding the application-process identification information to the I/O requests.
FIG. 20 is a block diagram for illustrating the configuration of an information processing system according to a fifth embodiment of the present invention to which the present invention is applicable. The fifth embodiment illustrated in FIG. 20 is an embodiment configured as follows: There exist plural execution-node hosts in such a manner that, even if a failure occurs in whatever execution-node host, one standby-node host will be able to restart the execution of a processing in the execution-node host where the failure has occurred. In this case, if I/O requests from the plural execution-node hosts occur simultaneously, and if a failure occurs in one of the execution-node hosts, it is required to cut off the I/O request from the execution-node host where the failure has occurred, and to release the cut-off of the I/O request from the standby-node host. The present invention performs the access control on each host basis, which makes the present invention applicable to even the configuration like this.
The above-described respective processings in the respective embodiments of the present invention can be configured as processing programs. These processing programs can be provided in a state of being stored into storage media such as a HD, a DAT, a FD, a MO, a DVD-ROM, and a CD-ROM.
It should be further understood by those skilled in the art that although the foregoing description has been made on embodiments of the invention, the invention is not limited thereto and various changes and modifications may be made without departing from the spirit of the invention and the scope of the appended claims.

Claims (2)

1. A method of controlling enablement/disablement of I/O requests from plural host computers to a disk device, said method comprising:
in said host computers,
transmitting access-right change commands to said disk device, said access-right change commands including one piece or plural pieces of information having I/O-enable/disable information and host identification information to correspond to each other in a one-to-one correspondence manner, said I/O-enable/disable information indicating whether or not said disk device will execute said I/O requests from said host computers, said host identification information identifying said respective host computers, and
issuing, to said disk device, said I/O requests to which said host computers have added said host identification information; and
in said disk device,
changing entirely said I/O-enable/disable information for each of said host computers relating to the plurality of I/O requests for plural paths held by each of said host computers between said host computers and said disk device in response to a single transmission of one of said access-right change commands from one of said host computers, and storing and holding said I/O-enable/disable information in an access-right management table,
identifying request-source host computers in response to said I/O requests from said host computers, and,
based on said host identification information and said I/O-enable/disable information held in said access-right management table, enabling or disabling said I/O requests to be executed on each host-computer's node basis.
2. An information processing system configured to control execution enablement/disablement of I/O requests from plural host computers to a disk device, comprising:
each of said host computers including:
an I/O request unit for issuing an I/O request to which said I/O request unit has added host identification information for identifying said respective host computers, and
an access-right change command unit for transmitting an access-right change command to said disk device, said access-right change command including one piece or plural pieces of information having I/O-enable/disable information and said host identification information correspond to each other in a one-to-one correspondence manner, said I/O-enable/disable information indicating whether or not said disk device will execute said I/O requests from said host computers; and
said disk device including:
an access-right management table for storing and holding said access-right change commands from said host computers,
an access control unit for identifying request-source host computers of said I/O requests, and for judging whether to enable/disable said I/O requests to be executed on each host-computer basis, based upon said host identification information and said access-right management table, and
an access-right change unit that, in accordance with said access-right change commands from said host computers within said access-right management table, changes entirely said I/O-enable/disable information for each of said host computers relating to the plurality of I/O requests for plural oaths held by each of said host computers between said host computers and said disk device in response to a single transmission of one of said access-right change commands from one of said host computers,
said disk device enabling or disabling said I/O requests on each host-computer's node basis, with said host computers being said I/O request sources.
US12/369,994 2003-10-23 2009-02-12 Method for switching node and an information processing system Expired - Fee Related US7660918B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/369,994 US7660918B2 (en) 2003-10-23 2009-02-12 Method for switching node and an information processing system

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
JP2003363531A JP2005128781A (en) 2003-10-23 2003-10-23 System changeover method and information processing system
JP2003-363531 2003-10-23
US10/806,338 US20050091419A1 (en) 2003-10-23 2004-03-23 Method for switching node and an information processing system
US12/369,994 US7660918B2 (en) 2003-10-23 2009-02-12 Method for switching node and an information processing system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/806,338 Continuation US20050091419A1 (en) 2003-10-23 2004-03-23 Method for switching node and an information processing system

Publications (2)

Publication Number Publication Date
US20090157915A1 US20090157915A1 (en) 2009-06-18
US7660918B2 true US7660918B2 (en) 2010-02-09

Family

ID=34510051

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/806,338 Abandoned US20050091419A1 (en) 2003-10-23 2004-03-23 Method for switching node and an information processing system
US12/369,994 Expired - Fee Related US7660918B2 (en) 2003-10-23 2009-02-12 Method for switching node and an information processing system

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/806,338 Abandoned US20050091419A1 (en) 2003-10-23 2004-03-23 Method for switching node and an information processing system

Country Status (2)

Country Link
US (2) US20050091419A1 (en)
JP (1) JP2005128781A (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060285550A1 (en) * 2005-06-16 2006-12-21 Cam-Thuy Do Apparatus, system, and method for communicating over multiple paths
JP4792958B2 (en) * 2005-12-21 2011-10-12 日本電気株式会社 Data control system, shared disk device, and disk access restriction switching method used therefor
US7694101B2 (en) * 2005-12-30 2010-04-06 Vmware, Inc. Implementing virtual disk reservations on a storage media for multiple distributed applications
JP4939102B2 (en) * 2006-04-21 2012-05-23 株式会社日立製作所 Reliable method for network boot computer system
JP4874847B2 (en) * 2007-03-27 2012-02-15 株式会社東芝 Cluster system
JP5002296B2 (en) * 2007-03-27 2012-08-15 株式会社東芝 Cluster system and program
JP5074274B2 (en) * 2008-04-16 2012-11-14 株式会社日立製作所 Computer system and communication path monitoring method
CN104969235B (en) 2013-01-31 2018-02-02 日本电气株式会社 Network system
US11936645B2 (en) 2017-03-30 2024-03-19 Kingston Digital, Inc. Smart security storage system
US10880296B2 (en) * 2017-03-30 2020-12-29 Kingston Digital Inc. Smart security storage

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH06325008A (en) 1993-03-17 1994-11-25 Hitachi Ltd Computer system provided with reset function
JP2000322369A (en) 1999-03-05 2000-11-24 Hitachi Ltd Disk device and computer system using the device
US6219771B1 (en) 1996-08-30 2001-04-17 Nec Corporation Data storage apparatus with improved security process and partition allocation functions
US20020083282A1 (en) 2000-10-20 2002-06-27 Kenji Yoshino Data processing device, data storage device, data processing method, and program providing medium
US20030126225A1 (en) 2001-12-28 2003-07-03 Camble Peter Thomas System and method for peripheral device virtual functionality overlay
US20030221124A1 (en) 2002-05-23 2003-11-27 International Business Machines Corporation File level security for a metadata controller in a storage area network
US6820168B2 (en) 2001-01-25 2004-11-16 Hitachi, Ltd. Storage system and virtual private volume control method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH06325008A (en) 1993-03-17 1994-11-25 Hitachi Ltd Computer system provided with reset function
US6219771B1 (en) 1996-08-30 2001-04-17 Nec Corporation Data storage apparatus with improved security process and partition allocation functions
JP2000322369A (en) 1999-03-05 2000-11-24 Hitachi Ltd Disk device and computer system using the device
US20020083282A1 (en) 2000-10-20 2002-06-27 Kenji Yoshino Data processing device, data storage device, data processing method, and program providing medium
US6820168B2 (en) 2001-01-25 2004-11-16 Hitachi, Ltd. Storage system and virtual private volume control method
US20030126225A1 (en) 2001-12-28 2003-07-03 Camble Peter Thomas System and method for peripheral device virtual functionality overlay
US20030221124A1 (en) 2002-05-23 2003-11-27 International Business Machines Corporation File level security for a metadata controller in a storage area network

Also Published As

Publication number Publication date
JP2005128781A (en) 2005-05-19
US20090157915A1 (en) 2009-06-18
US20050091419A1 (en) 2005-04-28

Similar Documents

Publication Publication Date Title
US7660918B2 (en) Method for switching node and an information processing system
US6725295B2 (en) Multi-path computer system
US7272674B1 (en) System and method for storage device active path coordination among hosts
US8423816B2 (en) Method and computer system for failover
US6389555B2 (en) System and method for fail-over data transport
US6654902B1 (en) Persistent reservation IO barriers
JP4299474B2 (en) Method, system, and medium for selecting a preferred path to a storage device
EP1760591B1 (en) System and method of managing access path
US7194662B2 (en) Method, apparatus and program storage device for providing data path optimization
US7650446B2 (en) Storage system for back-end communications with other storage system
US7921325B2 (en) Node management device and method
US7406039B2 (en) System and method for a failover protocol in storage area network controllers
US7293194B2 (en) Method and device for switching database access part from for-standby to currently in use
US8589642B2 (en) Computer system duplicating writes by synchronous remote copy with multiple host computers using heterogeneous operating systems
EP2071469B1 (en) Communication processing method, device and program
EP1357465A2 (en) Storage system having virtualized resource
US20050289390A1 (en) Failover method for a cluster computer system
JP2006504186A (en) System with multiple transmission line failover, failback and load balancing
JP2002063063A (en) Storage area network managing system
GB2515554A (en) Maintaining computer system operability
KR20030067712A (en) A method of improving the availability of a computer clustering system through the use of a network medium link state function
US20090204733A1 (en) Path maintenance mechanism
JP3957065B2 (en) Network computer system and management device
US20080215767A1 (en) Storage usage exclusive method
US20080244306A1 (en) Storage system and management method for the same

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.)

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.)

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20180209